ESET warns of a new Trojan spreading under the guise of an Adobe Flash Player update

16 February 2017
Experts from ESET, known to many for its Nod32 antivirus, announced the discovery of a new Trojan. According to the data they published, the malware is designed to steal money from bank accounts and affects only Android devices.Android version of ESET NOD32 Mobile Security detects the threat as Android/TrojanDownloader.Agent.JI. It is known to get on victims' gadgets under the guise of an update for Adobe Flash Player. Once installed, it downloads and launches other malicious programs, which, in turn, are engaged in the theft of user funds through mobile banking systems. ESET specialists warn that this Trojan can also be used to spread encryptors and all sorts of spyware: attackers only need to change its code slightly. After installation, the Trojan is saved on the victim's device under the guise of Saving Battery service and requests advanced rights in the system. Therefore, detecting its presence on the gadget is quite easy. To do this, simply enter the "Special Features" menu and check if the Saving Battery service is on the list. In the case of infection, you can cope with the malware yourself. To do this, you will first need to disable all the permissions of the Trojan, which will appear as "Flash-Player", in the security settings, and then delete it in the Application Manager. However, these actions will only help get rid of the initial threat, and all the malware already downloaded will remain on the device. Therefore, experts recommend using a reliable antivirus and downloading applications only from trusted sites.